Lucene search
K

1369 matches found

CNVD
CNVD
added 2020/11/23 12:0 a.m.1 views

gbase 8s database suffers from a local lift vulnerability (CNVD-2020-68761)

GBase 8s is a mature and stable enterprise-level domestic transactional database independently developed by Tianjin Nanda General Data Technology Co. GBase 8s database suffers from a local power lifting vulnerability, which can be exploited by an attacker to gain control of the server...

6.9AI score
Exploits0
CNVD
CNVD
added 2020/11/23 12:0 a.m.0 views

gbase 8s database suffers from a local lift vulnerability (CNVD-2020-68762)

GBase 8s is a mature and stable enterprise-level domestic transactional database independently developed by Tianjin Nanda General Data Technology Co. GBase 8s database suffers from a local power lifting vulnerability, which can be exploited by an attacker to gain control of the server...

6.9AI score
Exploits0
CNVD
CNVD
added 2020/11/22 12:0 a.m.1 views

File Upload Vulnerability in WaveRock DAYS Disaster Recovery Software

ASRock DAYS disaster recovery software belongs to DAYS series of optional products, which integrates disaster recovery, fault tolerance, backup and query functions, and provides one-stack infrastructure, the same disaster recovery management, elasticity, multi-layer data protection, smooth...

7.1AI score
Exploits0
CNVD
CNVD
added 2020/11/21 12:0 a.m.2 views

Command Execution Vulnerability in Zendo Backend of Qingdao Easoft Tianchuang Network Technology Co.

Zendo is a home-grown project management software. There is a command execution vulnerability in the backend of Zendo, which can be exploited by attackers to obtain server control privileges...

7.2AI score
Exploits0
CNVD
CNVD
added 2020/11/21 12:0 a.m.1 views

Command Execution Vulnerability in Scarecrow PHP System

Scarecrow PHP System is a simple and open source enterprise website program. Scarecrow PHP system has a command execution vulnerability that can be exploited by attackers to gain server control privileges...

7.5AI score
Exploits0
CNVD
CNVD
added 2020/11/20 12:0 a.m.1 views

Command Execution Vulnerability in Netnifty Power V6000-F2310

Power V6000-F2310 is a Netnifty Firewall. A command execution vulnerability exists in the Netnifty Power V6000-F2310, which can be exploited by an attacker to gain control of a server...

7.4AI score
Exploits0
CNVD
CNVD
added 2020/11/20 12:0 a.m.1 views

Command Execution Vulnerability in Netnifty Power V6000-F2310 (CNVD-2020-69492)

Power V6000-F2310 is a Netnifty Firewall. A command execution vulnerability exists in the Netnifty Power V6000-F2310, which can be exploited by an attacker to gain control of a server...

7.4AI score
Exploits0
CNVD
CNVD
added 2020/11/20 12:0 a.m.2 views

Code Execution Vulnerability in Win8 URL Navigation Source 1.0

Win8 website navigation whole site using html5+css+jquery layout, static version of a single page. Win8 URL navigation source code 1.0 code execution vulnerability, an attacker can use the vulnerability to obtain control of the server...

7.5AI score
Exploits0
CNVD
CNVD
added 2020/11/20 12:0 a.m.3 views

Command Injection Vulnerability in Huawei HG532 Router

Huawei HG532 router is a wireless router product for home and small office users. A command injection vulnerability exists in the Huawei HG532 Router. An attacker can exploit this vulnerability to gain control of the server...

7.8AI score
Exploits0
CNVD
CNVD
added 2020/11/20 12:0 a.m.4 views

Unauthorized access and file upload vulnerabilities in Ruoyi's backend management system

Ruoyi backend management system is based on SpringBoot, Spring Security, JWT, Vue & Element of the front and back end separation of permissions management system , can be used for all Web applications , such as website management backend , website member center , CMS, CRM, OA and so on. If there ...

7.2AI score
Exploits0
CNVD
CNVD
added 2020/11/19 12:0 a.m.1 views

File upload vulnerability in several webcams of Shenzhen Qiaoan Technology Co.

Shenzhen Qiaoan Technology Co., Ltd. is a professional R&D manufacturer of surveillance cameras, specializing in the production of Qiaoan surveillance, Qiaoan surveillance cameras and so on. Shenzhen Qiaoan Technology Co., Ltd. a number of webcam file upload vulnerability, attackers can use the...

7AI score
Exploits0
CNVD
CNVD
added 2020/11/19 12:0 a.m.2 views

File Upload Vulnerability in Various Webcams of Shenzhen Qiaoan Technology Co. Ltd (CNVD-2020-68675)

Shenzhen Qiaoan Technology Co., Ltd. is a professional R&D manufacturer of surveillance cameras, specializing in Qiaoan surveillance, Qiaoan surveillance cameras and so on. Shenzhen Qiaoan Technology Co., Ltd. a number of webcam file upload vulnerability, attackers can use the vulnerability to...

7AI score
Exploits0
CNVD
CNVD
added 2020/11/18 12:0 a.m.2 views

File Upload Vulnerability in Baidu Deep Blue Alliance Personnel Management System

Baidu Deep Blue Alliance personnel management system is an OA system project. A file upload vulnerability exists in the Baidu Deep Blue Alliance Personnel Management System, which can be exploited by an attacker to gain control of the server...

7.3AI score
Exploits0
CNVD
CNVD
added 2020/11/18 12:0 a.m.1 views

Command execution vulnerability in Apache hama

Apache Hama is a big data analytics framework using the Bulk Synchronous Parallel BSP computational model. Apache hama suffers from a command execution vulnerability that can be exploited by an attacker to gain control of the server...

7.5AI score
Exploits0
CNVD
CNVD
added 2020/11/18 12:0 a.m.1 views

Command Execution Vulnerability in iray IR Camera AM310420

Arrow focuses on the R&D and manufacturing of infrared imaging technology and products with fully independent intellectual property rights, and is committed to providing professional and competitive infrared thermal imaging products and industry solutions for global customers. A command execution...

7.7AI score
Exploits0
Prion
Prion
added 2020/11/13 4:15 p.m.22 views

Design/Logic Flaw

An authenticated attacker can inject malicious code into "lang" parameter in /uno/central.php file in CMSuno 1.6.2 and run this PHP code in the web page. In this way, attacker can takeover the control of the server...

6.5CVSS8.7AI score0.09852EPSS
Exploits3References2Affected Software1
OSV
OSV
added 2020/11/12 7:15 p.m.2 views

CVE-2020-26804

In Sentrifugo 3.2, users can share an announcement under "Organization - Announcements" tab. Also, in this page, users can upload attachments with the shared announcements. This "Upload Attachment" functionality is suffered from "Unrestricted File Upload" vulnerability so attacker can upload...

8.8CVSS7.3AI score0.01394EPSS
Exploits1References1
NVD
NVD
added 2020/11/12 7:15 p.m.14 views

CVE-2020-26804

In Sentrifugo 3.2, users can share an announcement under "Organization - Announcements" tab. Also, in this page, users can upload attachments with the shared announcements. This "Upload Attachment" functionality is suffered from "Unrestricted File Upload" vulnerability so attacker can upload...

8.8CVSS8.7AI score0.01394EPSS
Exploits1References1
NVD
NVD
added 2020/11/12 7:15 p.m.10 views

CVE-2020-26803

In Sentrifugo 3.2, users can upload an image under "Assets - Add" tab. This "Upload Images" functionality is suffered from "Unrestricted File Upload" vulnerability so attacker can upload malicious files using this functionality and control the server...

8.8CVSS8.8AI score0.01394EPSS
Exploits1References1
Prion
Prion
added 2020/11/12 7:15 p.m.11 views

Unrestricted file upload

In Sentrifugo 3.2, users can upload an image under "Assets - Add" tab. This "Upload Images" functionality is suffered from "Unrestricted File Upload" vulnerability so attacker can upload malicious files using this functionality and control the server...

6.5CVSS8.7AI score0.01394EPSS
Exploits1References1Affected Software1
Rows per page
Query Builder